Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/yxkiyGM3pbNkPYFL9FDHz22pP8U.roa
File: yxkiyGM3pbNkPYFL9FDHz22pP8U.roa (raw, json)
Hash identifier: SmIlFAasd06PjigF3ebSf7dcxtU8ALp+YUD/aTC7/Rg=
Subject key identifier: CB:19:22:C8:63:37:A5:B3:64:3D:81:4B:F4:50:C7:CF:6D:A9:3F:C5
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 0194266BCE24FE30E41DCC02C1C208E30AA4
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/yxkiyGM3pbNkPYFL9FDHz22pP8U.roa
Signing time: Thu 02 Jan 2025 09:49:46 +0000
ROA not before: Thu 02 Jan 2025 09:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12741
IP address blocks: 5.226.64.0/18 maxlen: 18
5.226.92.0/24 maxlen: 24
5.226.128.0/22 maxlen: 24
5.226.135.0/24 maxlen: 24
37.128.0.0/17 maxlen: 17
62.87.128.0/17 maxlen: 17
62.89.64.0/18 maxlen: 18
62.111.128.0/17 maxlen: 17
62.111.250.0/24 maxlen: 24
62.148.64.0/19 maxlen: 19
62.181.160.0/19 maxlen: 19
62.233.128.0/17 maxlen: 17
62.244.128.0/19 maxlen: 19
77.65.134.0/24 maxlen: 24
77.65.155.0/24 maxlen: 24
77.65.171.0/24 maxlen: 24
77.65.188.0/24 maxlen: 24
77.65.193.0/24 maxlen: 24
77.65.209.0/24 maxlen: 24
77.252.0.0/14 maxlen: 14
78.8.0.0/14 maxlen: 14
81.168.128.0/17 maxlen: 17
81.210.0.0/17 maxlen: 17
81.219.0.0/16 maxlen: 16
82.143.128.0/18 maxlen: 18
83.238.0.0/16 maxlen: 16
84.40.128.0/17 maxlen: 17
85.31.252.0/24 maxlen: 24
85.128.0.0/17 maxlen: 17
85.202.54.0/24 maxlen: 24
85.202.59.0/24 maxlen: 24
87.105.0.0/16 maxlen: 16
87.204.0.0/15 maxlen: 15
87.239.216.0/21 maxlen: 22
89.171.0.0/16 maxlen: 16
91.192.88.0/22 maxlen: 22
93.159.0.0/18 maxlen: 18
93.180.160.0/19 maxlen: 19
159.205.0.0/16 maxlen: 16
178.16.116.0/24 maxlen: 24
178.16.121.0/24 maxlen: 24
178.16.125.0/24 maxlen: 24
178.36.0.0/15 maxlen: 15
185.58.160.0/22 maxlen: 22
185.58.160.0/23 maxlen: 23
185.58.162.0/23 maxlen: 23
185.72.184.0/22 maxlen: 22
185.164.140.0/22 maxlen: 22
185.244.96.0/22 maxlen: 22
193.19.104.0/23 maxlen: 23
193.91.16.0/20 maxlen: 20
193.192.173.0/24 maxlen: 24
193.192.181.0/24 maxlen: 24
193.192.188.0/24 maxlen: 24
193.192.190.0/24 maxlen: 24
195.114.160.0/19 maxlen: 19
212.49.32.0/19 maxlen: 19
212.106.0.0/19 maxlen: 19
213.17.128.0/17 maxlen: 17
213.17.244.0/24 maxlen: 24
213.134.128.0/19 maxlen: 19
213.146.32.0/19 maxlen: 19
213.186.64.0/19 maxlen: 19
213.195.128.0/18 maxlen: 18
213.216.64.0/18 maxlen: 18
213.238.64.0/18 maxlen: 18
213.241.0.0/17 maxlen: 17
213.241.89.0/24 maxlen: 24
217.30.128.0/19 maxlen: 19
2001:16b0::/32 maxlen: 32
2001:41b0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Mar 2025 09:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ce:24:fe:30:e4:1d:cc:02:c1:c2:08:e3:0a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 2 09:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb1922c86337a5b3643d814bf450c7cf6da93fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:60:f0:e2:5c:a3:0b:a4:79:56:e8:07:72:74:
7f:dc:90:a1:04:be:fb:b9:8a:3c:6c:0e:71:e7:0b:
2b:61:67:7d:01:87:5b:a6:d7:0b:d6:b2:5e:df:32:
19:2d:1c:b7:e3:e6:9b:27:b5:4f:75:34:7c:3b:3e:
66:a4:de:18:f8:a6:ad:9d:64:41:34:6a:28:ba:13:
29:01:05:95:fe:36:07:40:f8:f9:96:89:b1:f4:47:
fb:fe:98:b7:ef:5e:78:8b:54:6d:e6:13:6c:c0:7b:
e4:0e:8d:61:28:08:ce:b5:94:76:8a:9b:43:e8:c8:
ef:eb:a3:f0:7c:b1:3e:bd:96:5f:c8:74:86:85:a9:
ca:54:26:ee:60:f6:a2:ae:e6:09:be:d3:2c:b1:37:
a3:63:b4:76:27:5d:28:0d:00:b9:0b:53:f4:c5:dc:
e2:73:2d:14:71:18:10:f0:1e:41:22:fc:75:09:c4:
39:e3:b1:ba:5e:50:44:7c:21:59:fa:ee:bc:21:f8:
1b:fd:fd:eb:fa:bf:a2:4a:41:9d:11:3a:10:ba:14:
6f:63:68:ed:1e:2c:04:b9:73:ae:75:f3:34:f8:b6:
a8:87:df:4b:e8:37:28:5b:25:cd:7d:8b:1f:05:18:
1f:9f:0e:47:73:e1:ac:b2:69:9a:e5:8b:41:1c:bb:
c2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:19:22:C8:63:37:A5:B3:64:3D:81:4B:F4:50:C7:CF:6D:A9:3F:C5
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/yxkiyGM3pbNkPYFL9FDHz22pP8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.64.0-5.226.131.255
5.226.135.0/24
37.128.0.0/17
62.87.128.0/17
62.89.64.0/18
62.111.128.0/17
62.148.64.0/19
62.181.160.0/19
62.233.128.0/17
62.244.128.0/19
77.65.134.0/24
77.65.155.0/24
77.65.171.0/24
77.65.188.0/24
77.65.193.0/24
77.65.209.0/24
77.252.0.0/14
78.8.0.0/14
81.168.128.0/17
81.210.0.0/17
81.219.0.0/16
82.143.128.0/18
83.238.0.0/16
84.40.128.0/17
85.31.252.0/24
85.128.0.0/17
85.202.54.0/24
85.202.59.0/24
87.105.0.0/16
87.204.0.0/15
87.239.216.0/21
89.171.0.0/16
91.192.88.0/22
93.159.0.0/18
93.180.160.0/19
159.205.0.0/16
178.16.116.0/24
178.16.121.0/24
178.16.125.0/24
178.36.0.0/15
185.58.160.0/22
185.72.184.0/22
185.164.140.0/22
185.244.96.0/22
193.19.104.0/23
193.91.16.0/20
193.192.173.0/24
193.192.181.0/24
193.192.188.0/24
193.192.190.0/24
195.114.160.0/19
212.49.32.0/19
212.106.0.0/19
213.17.128.0/17
213.134.128.0/19
213.146.32.0/19
213.186.64.0/19
213.195.128.0/18
213.216.64.0/18
213.238.64.0/18
213.241.0.0/17
217.30.128.0/19
IPv6:
2001:16b0::/32
2001:41b0::/32
Signature Algorithm: sha256WithRSAEncryption
17:27:55:1b:fa:fa:9f:69:d3:9c:98:e9:40:fb:46:86:d8:4e:
f8:2d:87:bf:ae:00:4d:8c:d5:4c:74:6f:aa:8c:4e:5b:ed:4e:
ec:d7:00:20:e6:00:a6:0a:46:a7:62:79:ad:23:d8:6a:9e:af:
08:ea:db:84:76:31:ec:be:84:58:61:93:9f:48:a0:5e:0b:7c:
0c:ad:5f:e6:af:33:35:f1:8d:a1:ca:5f:2a:66:86:73:d8:9a:
a8:36:f9:9f:7a:ab:12:08:d7:ab:a9:ad:be:74:b2:12:9f:ab:
91:3e:76:83:3f:2c:7d:04:77:38:23:dd:89:09:d4:a4:aa:12:
ef:a8:dd:aa:78:fd:e5:eb:69:20:c0:d6:70:62:4e:e7:b7:c5:
6c:fc:5c:a2:3c:14:e6:12:48:7e:90:7c:12:9a:cb:8f:63:9f:
ca:83:3d:1a:ca:1c:18:5f:49:51:94:2c:fb:39:61:67:c0:07:
11:f3:a4:94:19:60:a8:3e:87:e9:84:f8:c4:9e:69:62:63:78:
39:91:8b:17:e5:51:7a:00:91:24:c1:6e:9b:3f:ea:58:76:a1:
bb:94:ad:d3:61:e6:18:0d:45:29:7e:22:a2:23:6b:4e:b9:42:
6f:46:7b:02:b7:c0:cb:dc:07:09:60:a3:81:46:5b:0c:76:c4:
22:97:42:35
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgISAZQma84k/jDkHcwCwcII4wqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjUwMTAyMDk0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE5MjJjODYzMzdhNWIzNjQzZDgxNGJmNDUwYzdjZjZkYTkzZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42Dw4lyjC6R5VugHcnR/3JChBL77
uYo8bA5x5wsrYWd9AYdbptcL1rJe3zIZLRy34+abJ7VPdTR8Oz5mpN4Y+KatnWRB
NGoouhMpAQWV/jYHQPj5lomx9Ef7/pi37154i1Rt5hNswHvkDo1hKAjOtZR2iptD
6Mjv66PwfLE+vZZfyHSGhanKVCbuYPairuYJvtMssTejY7R2J10oDQC5C1P0xdzi
cy0UcRgQ8B5BIvx1CcQ547G6XlBEfCFZ+u68Ifgb/f3r+r+iSkGdEToQuhRvY2jt
HiwEuXOudfM0+Laoh99L6DcoWyXNfYsfBRgfnw5Hc+Gssmma5YtBHLvCgwIDAQAB
o4IDljCCA5IwHQYDVR0OBBYEFMsZIshjN6WzZD2BS/RQx89tqT/FMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEveXhraXlHTTNwYk5rUFlGTDlGREh6MjJwUDhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqgYIKwYBBQUHAQcBAf8EggGZMIIBlTCCAXsEAgABMIIB
czAMAwQGBeJAAwQCBeKAAwQABeKHAwQHJYAAAwQHPleAAwQGPllAAwQHPm+AAwQF
PpRAAwQFPrWgAwQHPumAAwQFPvSAAwQATUGGAwQATUGbAwQATUGrAwQATUG8AwQA
TUHBAwQATUHRAwMCTfwDAwJOCAMEB1GogAMEB1HSAAMDAFHbAwQGUo+AAwMAU+4D
BAdUKIADBABVH/wDBAdVgAADBABVyjYDBABVyjsDAwBXaQMDAVfMAwQDV+/YAwMA
WasDBAJbwFgDBAZdnwADBAVdtKADAwCfzQMEALIQdAMEALIQeQMEALIQfQMDAbIk
AwQCuTqgAwQCuUi4AwQCuaSMAwQCufRgAwQBwRNoAwQEwVsQAwQAwcCtAwQAwcC1
AwQAwcC8AwQAwcC+AwQFw3KgAwQF1DEgAwQF1GoAAwQH1RGAAwQF1YaAAwQF1ZIg
AwQF1bpAAwQG1cOAAwQG1dhAAwQG1e5AAwQH1fEAAwQF2R6AMBQEAgACMA4DBQAg
ARawAwUAIAFBsDANBgkqhkiG9w0BAQsFAAOCAQEAFydVG/r6n2nTnJjpQPtGhthO
+C2Hv64ATYzVTHRvqoxOW+1O7NcAIOYApgpGp2J5rSPYap6vCOrbhHYx7L6EWGGT
n0igXgt8DK1f5q8zNfGNocpfKmaGc9iaqDb5n3qrEgjXq6mtvnSyEp+rkT52gz8s
fQR3OCPdiQnUpKoS76jdqnj95etpIMDWcGJO57fFbPxcojwU5hJIfpB8EprLj2Of
yoM9GsocGF9JUZQs+zlhZ8AHEfOklBlgqD6H6YT4xJ5pYmN4OZGLF+VRegCRJMFu
mz/qWHahu5St02HmGA1FKX4ioiNrTrlCb0Z7ArfAy9wHCWCjgUZbDHbEIpdCNQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:23:41 2025 by rpki-client